Fall back to local address as IKEv1 identity if nothing else is configured

author Tobias Brunner <tobias@strongswan.org>

Fri, 24 Aug 2012 10:53:23 +0000 (12:53 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Fri, 24 Aug 2012 10:55:01 +0000 (12:55 +0200)
author Tobias Brunner <tobias@strongswan.org>
Fri, 24 Aug 2012 10:53:23 +0000 (12:53 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 24 Aug 2012 10:55:01 +0000 (12:55 +0200)
diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c

index fee304e6f5ad716e799f3a5d878ab6648809aec9..e5a48ec4914e4897f3cdb099bc095b7db1fbc2cc 100644 (file)
--- a/src/libcharon/sa/ikev1/phase1.c
+++ b/src/libcharon/sa/ikev1/phase1.c
@@ -587,14 +587,26 @@ METHOD(phase1_t, select_config, peer_cfg_t*,
  METHOD(phase1_t, get_id, identification_t*,
         private_phase1_t *this, peer_cfg_t *peer_cfg, bool local)
  {
+       identification_t *id = NULL;
         auth_cfg_t *auth;
  
         auth = get_auth_cfg(peer_cfg, local);
         if (auth)
         {
-               return auth->get(auth, AUTH_RULE_IDENTITY);
+               id = auth->get(auth, AUTH_RULE_IDENTITY);
+               if (local && (!id || id->get_type(id) == ID_ANY))
+               {       /* no ID configured, use local IP address */
+                       host_t *me;
+
+                       me = this->ike_sa->get_my_host(this->ike_sa);
+                       if (!me->is_anyaddr(me))
+                       {
+                               id = identification_create_from_sockaddr(me->get_sockaddr(me));
+                               auth->add(auth, AUTH_RULE_IDENTITY, id);
+                       }
+               }
         }
-       return NULL;
+       return id;
  }
  
  METHOD(phase1_t, save_sa_payload, bool,
author	Tobias Brunner <tobias@strongswan.org>
	Fri, 24 Aug 2012 10:53:23 +0000 (12:53 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 24 Aug 2012 10:55:01 +0000 (12:55 +0200)